CNNVD-202507-3560 Information
CNNVD ID
CNNVD-202507-3560
Related CVE
- CNNVD Published: 2025-07-28
Description (Chinese)
Polkadot Frontier是Polkadot EVM开源的一个提供以太坊虚拟机兼容层的应用程序。 Polkadot Frontier a754b3d之前版本存在代码问题漏洞,该漏洞源于未实现note_min_gas_price_target的check_inherent函数,可能导致Gas价格操纵。
Description (English)
Polkadot Frontier is an application from Polkadot EVM open source that provides a virtual machine-compatible layer in the Taifeng. Polkadot Frontier a754b3d has a code problem loophole, which stems from the non-achievement of the note min gas price target’s check inherent function, which could lead to Gas price manipulation.
Hazard Level
High
Vulnerability Type
代码问题
Affected Vendor
Polkadot EVM
Published
2025-07-28
Last Modified
2026-02-24
References
https://github.com/polkadot-evm/frontier/security/advisories/GHSA-r6rj-gmqh-cv94 https://github.com/polkadot-evm/frontier/commit/a754b3dc6e1b6da98f71aea7bb1fa08677b24186 https://dotpal.io/assets/files/frontier-srlabs-2505-718c3bfa5df9fed1862fed05de506859.pdf https://access.redhat.com/security/cve/cve-2025-54427
Patch
https://github.com/polkadot-evm/frontier/tags
Share on: